How to install SPF for Postfix.

1) Introduction

This guide explains how to install and integrate Sender Policy Framework (SPF)checking with Postfix.

SPF is an e-mail anti-forgery technology the enables domain owners to list, in the Domain Name Service (DNS), authorized sources of mail from their domains. It enables mail receivers to reject mail that does not come from authorized sources. This guide describes the second part of the protocol, rejecting mail from unauthorized sources. It assumes you have your Postfix set up and running. Setting up and running Postfix is described elsewhere in the wiki and in the Postfix documentation.

2) Install SPF.

# cd /usr/ports/mail/postfix-policyd-spf-perl/

# make install clean

3) Postfix Integration

There are a number of changes the need to be made to integrate SPF checking with Postfix.

3.1 Enabling the Policy Service

#vi /usr/local/etc/postfix/main.cf

policy-spf_time_limit = 3600s

smtpd_recipient_restrictions =

permit_sasl_authenticated

permit_mynetworks

reject_unauth_destination

check_policy_service unix:private/policy-spf

 

#vi /usr/local/etc/postfix/master.cf

policy-spf  unix  –       n       n       –       –       spawn

user=nobody argv=/usr/sbin/postfix-policyd-spf-perl

 

3.2  Reload Postfix

#postfix reload

3.3 Verifying It’s Working

#tail -f /var/log/mail.log

 

Be the first to comment

Leave a Reply